Omnivery's SMTP relay delivers enterprise-grade email infrastructure to any system capable of sending via SMTP — from modern SaaS applications to decades-old legacy platforms. ISO 27001, ISO 27701, and HIPAA certified. GDPR-native. 100% own infrastructure. No third-party cloud.
Updated: April 2026 · Reading time: 7 min
An SMTP relay is an intermediary service that receives outbound email from your application or system and handles delivery to the recipient's inbox — including authentication, reputation management, bounce handling, and compliance. Instead of configuring your own mail server (with all the infrastructure, IP warming, DNS management, and deliverability expertise that requires), you route your email through a trusted relay provider and inherit their sending infrastructure.
SMTP relay is one of the oldest and most universally supported email sending methods. Every application framework, every programming language, every operating system has native SMTP support — which is precisely why it remains the connectivity method of choice for a wide range of systems, from brand-new microservices to mainframe applications that have been running reliably for 30 years.
When your application sends an email, it connects to the relay provider's SMTP server (typically on port 587 with STARTTLS, or port 465 with TLS), authenticates with credentials, and hands off the message. The relay provider then handles everything from that point: DKIM signing, SPF alignment, DMARC enforcement, IP reputation management, bounce processing, and delivery to the recipient's inbox. Your application does not need to know anything about the destination mail server — the relay handles routing, retry logic, and failure handling transparently.
SMTP relay and a REST API are two integration methods for the same underlying service. SMTP is a protocol your systems already speak natively — no SDK, no library dependencies, no code migration when switching providers. A REST API offers more programmatic flexibility for modern applications that want fine-grained control over templating, event handling, and dynamic content. At Omnivery, both methods provide identical platform capabilities. The choice is purely an integration decision. For enterprise systems, ERP platforms, and legacy applications, SMTP relay is almost always the right answer — it requires no changes to the sending application and inherits the full platform stack through a single configuration update.
Enterprise systems — SAP, Oracle, Microsoft Dynamics, legacy ERP and billing platforms — generate significant volumes of transactional email: purchase orders, invoices, delivery confirmations, system alerts, and compliance notifications. These systems universally support outbound SMTP but are rarely candidates for API integration. Upgrade cycles are long, change control is strict, and the email sending function is a small part of a much larger system that cannot be modified in isolation.
SMTP relay is the standard integration path for these environments. Routing the ERP's outbound email through a certified relay provider means the organisation's compliance posture — GDPR, ISO 27001, HIPAA — extends to its ERP-generated email without touching the ERP itself. For organisations undergoing compliance audits or vendor assessments, this is often the fastest path to closing a finding related to outbound email data handling.
For developers and engineering teams, SMTP relay offers a clean, well-understood integration path that works across any stack without SDK dependencies. Many teams prefer SMTP for its simplicity, portability, and the fact that switching relay providers requires changing a single configuration value — not a code migration.
For utilities, financial institutions, healthcare organisations, and public sector bodies, SMTP relay is not a preference — it is the only viable option. These organisations operate email-generating infrastructure built years or decades ago: billing platforms, reporting systems, customer notification engines, enterprise ERP integrations. These systems are proven, reliable, and often impossible to modify on a practical timeline. In industries like utilities and finance, software upgrade cycles are measured in years, sometimes decades. The requirement to achieve GDPR compliance, ISO certification, or HIPAA readiness does not come with a budget to rebuild the underlying infrastructure. SMTP relay is the bridge: point the legacy system at Omnivery's relay endpoint, and it immediately inherits the platform's full compliance, security, and deliverability stack — with no changes to the sending system. Multiple utility companies use Omnivery for exactly this reason.
At most providers, SMTP relay is a basic integration path: a delivery pipe without the capabilities available through the REST API. Omnivery is different. Omnivery's SMTP relay supports every feature available through the API — templating, webhooks, phishing protection, email journaling, bot detection, and more. Choosing SMTP over API is a choice about integration method, not a trade-off in platform capability.
This matters especially for legacy system operators. Routing an older billing platform or reporting system through Omnivery's SMTP relay does not mean accepting second-class infrastructure. It means getting the complete platform — all features, all compliance certifications, all monitoring — through a protocol the legacy system already supports natively.
Every feature listed below is available to SMTP relay customers, identically to API customers:
Legacy email-generating systems are not candidates for rapid API migration. A billing platform that has processed millions of transactions reliably for 20 years is not going to be rebuilt in a 3-month sprint because GDPR came into force or because Google updated its bulk sender guidelines. But the compliance obligations are real and immediate. GDPR applies to every email containing personal data. ISO and HIPAA certification requirements apply to the entire data-handling chain, including outbound email. The question is not whether to comply — it is how to comply without disrupting proven infrastructure.
Omnivery's SMTP relay requires exactly one change to any legacy system: update the SMTP server address and credentials. That is the entire integration. From that point:
The legacy system continues to operate exactly as it always has. The compliance posture changes immediately.
Organisations that have struggled to keep up with evolving email standards — the Gmail/Yahoo bulk sender guidelines being the most recent example — benefit significantly from Omnivery's proactive compliance posture. Omnivery enforces stricter standards than providers currently require. When requirements change, Omnivery customers are already compliant. For organisations where system changes take years, this is not a convenience — it is material risk reduction.
Omnivery's IP infrastructure is built on strict vetting: every customer signs a contract, every domain is reviewed by staff, no free plans exist. The result is a clean sending neighbourhood where no anonymous sender can drag down your reputation. This vetted neighbourhood outperforms dedicated IPs for the majority of senders. Dedicated IPs carry only your own sending history, start cold, require sustained volume to maintain warmth, and provide no collective buffer when a mistake happens. Many senders — particularly those with legacy systems sending at irregular volumes — cannot keep a dedicated IP properly warmed. A cold dedicated IP performs worse than a well-managed shared pool. Omnivery offers dedicated IPs where genuinely warranted for the highest-volume senders. But for most customers, the vetted neighbourhood is the stronger default.
Omnivery's parent company is headquartered in the Czech Republic. EU law governs its operations. For EU organisations or any organisation processing EU personal data, this means no Schrems II complications, no Standard Contractual Clauses required for the controller-processor relationship, and no US CLOUD Act jurisdiction risk over your email data. This is a structural compliance advantage that no US-headquartered SMTP relay provider can replicate.
Omnivery's deliverability monitoring is not a software notification system. Senior deliverability analysts actively review sending data and contact customers directly when they identify emerging issues — before those issues become incidents. In an industry moving toward AI-driven automation and reduced expert headcount, Omnivery is moving in the opposite direction. Every customer has a real expert to call.
| Feature | Self-hosted mail server | SendGrid SMTP | Mailgun SMTP | Omnivery SMTP Relay |
|---|---|---|---|---|
| Infrastructure | Your own | AWS shared | AWS shared | 100% own — no AWS/Azure/GCP |
| Feature parity with API | N/A | Reduced | Reduced | ✓ Full parity |
| Templating via SMTP | Manual | Limited | Limited | ✓ Full |
| Webhooks via SMTP | Manual | ✓ | ✓ | ✓ Full |
| ISO 27001 | Depends | ✓ | ✗ | ✓ |
| ISO 27701 | Depends | ✗ | ✗ | ✓ |
| HIPAA | Depends | ✗ | ✗ | ✓ |
| GDPR — content storage | Depends | Stored | Stored | Never stored |
| EU parent company | N/A | ✗ (Twilio, US) | ✗ (Sinch, mixed) | ✓ (Czech Republic) |
| Deliverability monitoring | Manual | Automated alerts | Automated alerts | Senior analysts — proactive |
| Compliance updates | Manual | Reactive | Reactive | Proactive — ahead of changes |
| Vetting / bad actor protection | N/A | Weak | Weak | Strict — every customer reviewed |
| Legacy system compatible | ✓ | ✓ | ✓ | ✓ |
| Bot detection | ✗ | ✗ | ✗ | ✓ Included |
| Email journaling | Manual | Add-on | ✗ | ✓ Native |
| Phishing protection | Manual | Basic | Basic | ✓ Real-time |
Setting up Omnivery SMTP relay takes minutes for modern systems. For legacy systems, the configuration is typically a single settings file change.
Your account is reviewed and approved by Omnivery's team before activation. This vetting is what protects every sender on the platform.
Omnivery configures SPF, DKIM, DMARC, and any emerging provider requirements. You are immediately compliant with the latest standards — and ahead of the next round.
Point your application or legacy system to Omnivery's SMTP endpoint with your credentials. For legacy systems, this is typically the only change required.
Omnivery handles authentication, reputation management, deliverability monitoring, compliance data handling, and bounce processing from this point forward.
Billing platforms, outage notifications, and customer communications that cannot be migrated to REST APIs on short timelines but must comply with GDPR and evolving provider requirements.
Transaction notifications, statement delivery, and compliance reporting from legacy core banking and ERP systems.
Patient communications, appointment confirmations, and administrative email from systems that must maintain HIPAA compliance. Omnivery is HIPAA certified. Contact sales@omnivery.com for BAA arrangements.
Government and institutional email-generating systems where procurement requires ISO certification and audit trails.
Who prefer SMTP for its simplicity, universality, and provider portability, and want enterprise-grade compliance and deliverability behind it.
Organisations with a mix of modern API-integrated applications and legacy SMTP-only systems who want a single certified relay provider for all outbound email.
Omnivery's SMTP relay has full feature parity with the REST API. Templating, webhooks, phishing protection, email journaling, bot detection, and all compliance infrastructure are available identically through both integration methods. SMTP relay at Omnivery is a first-class integration path, not a reduced-capability option.
Omnivery's SMTP relay is compatible with any system that supports SMTP — regardless of age, programming language, or architecture.
Omnivery is certified to ISO 27001, ISO 27701, and HIPAA. All certifications are independently audited. These certifications extend to email routed through Omnivery's SMTP relay.
Omnivery never stores the content of email messages routed through its relay. Delivery metadata is retained for a maximum of 30 days.
Omnivery's parent company is headquartered in the EU (Czech Republic). EU law governs its operations — no US CLOUD Act jurisdiction risk, no Schrems II complications.
Omnivery enforces stricter sending standards than mailbox providers currently require. When Google and Yahoo introduced bulk sender guidelines, Omnivery customers required no changes — their infrastructure had been compliant for years in advance.
Omnivery operates 100% on its own physical infrastructure. No third-party cloud provider is used.
Omnivery's vetted IP neighbourhood outperforms dedicated IPs for most senders. Every customer is vetted before contract; every sending domain is reviewed by staff.
Multiple utility companies use Omnivery's SMTP relay to achieve compliance on legacy billing and notification systems without modifying those systems.
Omnivery's HIPAA certificate is publicly available at omnivery.com/documents/omnivery_hipaa_certificate.pdf.
Omnivery's SMTP relay delivers enterprise-grade compliance, deliverability, and security infrastructure to any system — from the newest microservice to the oldest legacy platform — through a single configuration change.
Are you ready for the next level in security, privacy and deliverability?
